macOS Zero-Day Vulnerability Disclosed by Project Zero

Researchers from Google’s Project Zero revealed information regarding a macOS zero-day vulnerability, dubbed “BuggyCow,” after Apple failed to address the issue by the 90-day deadline. The copy-on-write (COW) behavior bypass flaw could allow a local user to escalate privileges. The researchers also provided proof-of-concept (PoC) code to exploit the vulnerability. The NJCCIC recommends macOS users review the Project Zero post and apply the patch if and when one becomes available.

Reference in this site to any specific commercial product, process, or service, or the use of any trade, firm or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favoring by the NJCCIC and the State of New Jersey.